Chore: Make the secret table name configurable (#83106)

1 year ago · 7f9ebe5464
parent 3829da0616
commit 7f9ebe5464
1 changed files with 20 additions and 14 deletions
--- a/pkg/services/secrets/database/database.go
+++ b/pkg/services/secrets/database/database.go
@ -11,29 +11,35 @@ import (
 	"github.com/grafana/grafana/pkg/services/secrets"
 )

-const dataKeysTable = "data_keys"
-
 type SecretsStoreImpl struct {
-	db  db.DB
-	log log.Logger
+	db    db.DB
+	log   log.Logger
+	table string
 }

 func ProvideSecretsStore(db db.DB) *SecretsStoreImpl {
 	store := &SecretsStoreImpl{
-		db:  db,
-		log: log.New("secrets.store"),
+		db:    db,
+		log:   log.New("secrets.store"),
+		table: "data_keys",
 	}

 	return store
 }

+func NewSecretsStoreForTable(db db.DB, table string) *SecretsStoreImpl {
+	store := ProvideSecretsStore(db)
+	store.table = table
+	return store
+}
+
 func (ss *SecretsStoreImpl) GetDataKey(ctx context.Context, id string) (*secrets.DataKey, error) {
 	dataKey := &secrets.DataKey{}
 	var exists bool

 	err := ss.db.WithDbSession(ctx, func(sess *db.Session) error {
 		var err error
-		exists, err = sess.Table(dataKeysTable).
+		exists, err = sess.Table(ss.table).
 			Where("name = ?", id).
 			Get(dataKey)
 		return err
@ -56,7 +62,7 @@ func (ss *SecretsStoreImpl) GetCurrentDataKey(ctx context.Context, label string)

 	err := ss.db.WithDbSession(ctx, func(sess *db.Session) error {
 		var err error
-		exists, err = sess.Table(dataKeysTable).
+		exists, err = sess.Table(ss.table).
 			Where("label = ? AND active = ?", label, ss.db.GetDialect().BooleanStr(true)).
 			Get(dataKey)
 		return err
@ -76,7 +82,7 @@ func (ss *SecretsStoreImpl) GetCurrentDataKey(ctx context.Context, label string)
 func (ss *SecretsStoreImpl) GetAllDataKeys(ctx context.Context) ([]*secrets.DataKey, error) {
 	result := make([]*secrets.DataKey, 0)
 	err := ss.db.WithDbSession(ctx, func(sess *db.Session) error {
-		err := sess.Table(dataKeysTable).Find(&result)
+		err := sess.Table(ss.table).Find(&result)
 		return err
 	})
 	return result, err
@ -91,7 +97,7 @@ func (ss *SecretsStoreImpl) CreateDataKey(ctx context.Context, dataKey *secrets.
 	dataKey.Updated = dataKey.Created

 	return ss.db.WithTransactionalDbSession(ctx, func(sess *db.Session) error {
-		_, err := sess.Table(dataKeysTable).Insert(dataKey)
+		_, err := sess.Table(ss.table).Insert(dataKey)
 		if err != nil {
 			return err
 		}
@ -102,7 +108,7 @@ func (ss *SecretsStoreImpl) CreateDataKey(ctx context.Context, dataKey *secrets.

 func (ss *SecretsStoreImpl) DisableDataKeys(ctx context.Context) error {
 	return ss.db.WithTransactionalDbSession(ctx, func(sess *db.Session) error {
-		_, err := sess.Table(dataKeysTable).
+		_, err := sess.Table(ss.table).
 			Where("active = ?", ss.db.GetDialect().BooleanStr(true)).
 			UseBool("active").Update(&secrets.DataKey{Active: false})
 		return err
@ -115,7 +121,7 @@ func (ss *SecretsStoreImpl) DeleteDataKey(ctx context.Context, id string) error
 	}

 	return ss.db.WithDbSession(ctx, func(sess *db.Session) error {
-		_, err := sess.Table(dataKeysTable).Delete(&secrets.DataKey{Id: id})
+		_, err := sess.Table(ss.table).Delete(&secrets.DataKey{Id: id})

 		return err
 	})
@ -128,7 +134,7 @@ func (ss *SecretsStoreImpl) ReEncryptDataKeys(
 ) error {
 	keys := make([]*secrets.DataKey, 0)
 	if err := ss.db.WithDbSession(ctx, func(sess *db.Session) error {
-		return sess.Table(dataKeysTable).Find(&keys)
+		return sess.Table(ss.table).Find(&keys)
 	}); err != nil {
 		return err
 	}
@ -175,7 +181,7 @@ func (ss *SecretsStoreImpl) ReEncryptDataKeys(
 				return nil
 			}

-			if _, err := sess.Table(dataKeysTable).Where("name = ?", k.Id).Update(k); err != nil {
+			if _, err := sess.Table(ss.table).Where("name = ?", k.Id).Update(k); err != nil {
 				ss.log.Warn(
 					"Error while re-encrypting data encryption key",
 					"id", k.Id,